Linux kernel security mitigations protect systems from hardware security vulnerabilities, but they often come at the cost of performance. In this article, I will note the possible performance impact of kernel mitigations, particularly in the context of Docker.
If you’re using Cloudflare in a latency-sensitive environment in the cloud, take care to account for the fact that your cloud provider and Cloudflare might both be trying to optimize network usage, clashing with each other’s improvements and ultimately resulting in worse performance.
In this one, I’ll walk through the steps of booting into it with CPUs isolated and noise offloaded from the isolated CPUs, followed by running a task on that CPU.
Recently, I wanted to benchmark some aspects of this on a tickless kernel. Since most of my development workflow is Ubuntu-based and I have no compelling reason to change that, the most straightforward option was to compile the Ubuntu kernel with the nohz_full option.